CVE-2024-38810

Publication date 20 August 2024

Last updated 24 August 2024

Ubuntu priority

Description

Missing Authorization When Using @AuthorizeReturnObject in Spring Security 6.3.0 and 6.3.1 allows attacker to render security annotations inaffective.

Status

Show unmaintained releases

Package	Ubuntu Release	Status

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2024-38810
https://spring.io/security/cve-2024-38810